Arbor Networks study shows rate of DDoS attack increase in past 10 years
Distributed denial of service (DDoS) attacks are growing in size, complexity and frequency, according to the latest Annual Infrastructure Report from Arbor Networks.
In 2004, the largest DDoS attack was 8Gbps. Now, it’s reached 400Gbps, with other reported events at 300, 200 and 170Gbps in 2014, according to the report. 2013’s peak was 245Gbps. 38% of survey respondents said they had seen more than 21 attacks per month this year, up significantly from just over a quarter in 2013.
90% of the 287 respondents said their DDoS attacks were at the application layer, while 42% experienced multi-faceted attacks including volumetric, application layer and state exhaustion techniques. More than a quarter of respondents said they saw attacks targeting cloud services, while more than a third had firewall or IPS devices experience a failure of some sort during a DDoS attack.
Almost half (44%) of respondents in data centres said they experienced revenue losses due to DDoS, while more than a third experienced attacks which exhausted their bandwidth – a crucial issue, as it adds collateral damage to data centre customers’ cloud infrastructure.
Yet the key here is how this targets the enterprise. 10% of companies polled said they felt “completely unprepared” to respond to a security incident, while 40% felt “reasonably or well prepared”.
Those with good memories will recall Code Spaces, the web-based SVN and Git hosting provider which had to wave the white flag back in June after what it called a “well-orchestrated” DDoS attack. And according to these survey results, this could be the tip of the iceberg.
“In 2004, the corporate world was on watch for self-propagating worms like Slammer and Blaster that devastated networks the year before; and data breaches were most likely carried out by employees who had direct access to data files,” said Darren Anstee, Arbor director of solutions architects.
“Today, organisations have a much wider and more sophisticated range of threats to worry about, and a much broader attack surface to defend,” he added. “The business impact of a successful attack or breach can be devastating – the stakes are much higher now.”
You can access the full report here (registration required).
Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.
- » Why 74% of data breaches start with privileged credential abuse
- » Why the missing link for enterprise digital transformation is Zero Trust Security
- » Why SIEM alone is not able to stop insider threats
- » Why the Internet of Things and DDoS attacks are a match made in heaven
- » The cybersecurity angle: Why recent research and investment in quantum and IoT is key